Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/IwqSycUUat3k79Iphc3PX3aWPOs.roa
File: IwqSycUUat3k79Iphc3PX3aWPOs.roa (raw, json)
Hash identifier: eOapIjwaSsUolY3Lli9e/7veU0MNlHwQUP21TxW7nUo=
Subject key identifier: 23:0A:92:C9:C5:14:6A:DD:E4:EF:D2:29:85:CD:CF:5F:76:96:3C:EB
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0182A598E8BBA9F83F6717862E09FF31AE39
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/IwqSycUUat3k79Iphc3PX3aWPOs.roa
Signing time: Tue 16 Aug 2022 07:40:37 +0000
ROA not before: Tue 16 Aug 2022 07:40:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204968
IP address blocks: 89.116.132.0/24 maxlen: 24
89.116.135.0/24 maxlen: 24
89.117.109.0/24 maxlen: 24
89.116.150.0/24 maxlen: 24
89.117.24.0/23 maxlen: 24
89.117.32.0/23 maxlen: 24
89.116.92.0/24 maxlen: 24
89.116.218.0/24 maxlen: 24
89.117.190.0/24 maxlen: 24
89.116.252.0/24 maxlen: 24
89.116.253.0/24 maxlen: 24
89.116.255.0/24 maxlen: 24
89.117.222.0/24 maxlen: 24
89.116.163.0/24 maxlen: 24
89.116.166.0/24 maxlen: 24
89.117.129.0/24 maxlen: 24
89.116.175.0/24 maxlen: 24
89.116.177.0/24 maxlen: 24
89.116.186.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:a5:98:e8:bb:a9:f8:3f:67:17:86:2e:09:ff:31:ae:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Aug 16 07:40:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=230a92c9c5146adde4efd22985cdcf5f76963ceb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:94:15:13:20:bb:a0:ca:04:6c:0f:57:6d:f1:
09:08:6b:cc:8d:2b:76:fc:2c:f1:45:5d:10:5b:d4:
ca:30:85:3a:32:5a:4e:30:bd:ed:9f:25:cf:2c:6d:
81:d1:f7:20:2e:41:ae:b9:34:86:9a:12:4d:68:57:
5a:80:e7:03:1e:62:58:1b:07:19:44:fd:4e:75:7a:
9d:f6:0e:74:75:c9:cd:a3:38:8a:69:2e:75:7f:09:
22:74:b4:2c:6a:07:77:75:26:29:78:19:7c:06:46:
b1:0f:1a:a0:3e:ea:79:d9:96:60:19:8b:17:f9:d0:
10:39:6a:b4:c3:49:19:39:3d:08:3a:80:cf:71:1b:
48:0e:5e:ff:ec:55:1f:8c:c3:33:f6:d9:1c:e3:f5:
66:c6:57:53:41:5d:78:01:7b:af:6d:e1:47:3d:32:
4d:60:e1:d4:61:ba:bb:fd:75:48:87:41:dd:33:bc:
f7:82:04:e1:d8:f4:97:54:58:2d:4a:74:9e:8d:84:
92:e2:2c:d1:4e:b8:d1:60:35:e3:a5:2f:b1:8c:54:
53:d3:a6:b3:13:db:eb:b1:1d:23:76:10:e2:d3:8b:
3c:c5:e0:c9:64:dd:1f:13:2b:b1:1d:bf:d0:19:b6:
ae:a9:3d:a1:42:11:ea:48:cd:4b:b2:ed:cb:c0:a4:
7c:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:0A:92:C9:C5:14:6A:DD:E4:EF:D2:29:85:CD:CF:5F:76:96:3C:EB
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/IwqSycUUat3k79Iphc3PX3aWPOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.116.92.0/24
89.116.132.0/24
89.116.135.0/24
89.116.150.0/24
89.116.163.0/24
89.116.166.0/24
89.116.175.0/24
89.116.177.0/24
89.116.186.0/24
89.116.218.0/24
89.116.252.0/23
89.116.255.0/24
89.117.24.0/23
89.117.32.0/23
89.117.109.0/24
89.117.129.0/24
89.117.190.0/24
89.117.222.0/24
Signature Algorithm: sha256WithRSAEncryption
81:d7:4b:2b:09:96:96:cf:bd:6d:7a:cf:53:07:e3:04:fb:09:
e0:ab:62:96:9e:c9:97:1a:3a:73:38:48:3b:8c:93:70:44:e1:
d2:62:be:a1:5c:c4:ff:4a:94:75:4e:37:f7:b0:bc:e7:fa:d1:
69:5c:50:44:40:9a:f9:81:91:2b:5a:a4:96:04:95:99:f3:09:
72:4c:6b:be:4d:62:0d:65:e8:cc:70:f1:5e:40:39:72:5d:8c:
8f:f6:38:6d:a3:bb:d4:1b:8b:f1:87:1a:36:1c:04:85:81:45:
fe:35:ac:e2:7e:37:9c:81:5a:72:82:f9:72:3f:e9:c4:62:db:
bf:ee:6c:15:0c:55:f1:c2:ab:d6:17:c6:93:59:64:82:64:cc:
0d:7a:c1:b2:30:2c:b8:d3:f2:9e:5b:72:e7:e0:83:86:18:78:
a3:47:76:98:9f:38:14:32:da:b6:e2:fe:69:f9:76:72:ec:e7:
08:40:2f:a1:9c:3a:46:e3:eb:64:a6:7d:d2:3b:4d:bc:46:3c:
76:31:4e:9e:49:67:de:60:6b:68:c8:66:bc:b6:c6:f6:08:56:
e8:7d:16:f0:37:6e:d5:23:41:4e:13:75:aa:e9:60:bc:e4:90:
fd:79:c7:a1:e2:a0:8e:cf:6a:20:49:57:60:cd:bf:35:e5:98:
7e:09:51:61
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAYKlmOi7qfg/ZxeGLgn/Ma45MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Njk4NTg1ZTVlYmQxMWM5NjljN2VkNGEzMjBlZGFmYzlk
MTc4MjIwHhcNMjIwODE2MDc0MDM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzBhOTJjOWM1MTQ2YWRkZTRlZmQyMjk4NWNkY2Y1Zjc2OTYzY2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupQVEyC7oMoEbA9XbfEJCGvMjSt2
/CzxRV0QW9TKMIU6MlpOML3tnyXPLG2B0fcgLkGuuTSGmhJNaFdagOcDHmJYGwcZ
RP1OdXqd9g50dcnNoziKaS51fwkidLQsagd3dSYpeBl8BkaxDxqgPup52ZZgGYsX
+dAQOWq0w0kZOT0IOoDPcRtIDl7/7FUfjMMz9tkc4/VmxldTQV14AXuvbeFHPTJN
YOHUYbq7/XVIh0HdM7z3ggTh2PSXVFgtSnSejYSS4izRTrjRYDXjpS+xjFRT06az
E9vrsR0jdhDi04s8xeDJZN0fEyuxHb/QGbauqT2hQhHqSM1Lsu3LwKR8/QIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFCMKksnFFGrd5O/SKYXNz192ljzrMB8GA1UdIwQY
MBaAFMRphYXl69Eclpx+1KMg7a/J0XgiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgt
OWQ2MDAxZjc4YTcwLzEvSXdxU3ljVVVhdDNrNzlJcGhjM1BYM2FXUE9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS81MzEwZGEtNjgyMS00NjczLTllOTgtOWQ2MDAxZjc4YTcw
LzEveEdtRmhlWHIwUnlXbkg3VW95RHRyOG5SZUNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAFl0XAME
AFl0hAMEAFl0hwMEAFl0lgMEAFl0owMEAFl0pgMEAFl0rwMEAFl0sQMEAFl0ugME
AFl02gMEAVl0/AMEAFl0/wMEAVl1GAMEAVl1IAMEAFl1bQMEAFl1gQMEAFl1vgME
AFl13jANBgkqhkiG9w0BAQsFAAOCAQEAgddLKwmWls+9bXrPUwfjBPsJ4Ktilp7J
lxo6czhIO4yTcETh0mK+oVzE/0qUdU4397C85/rRaVxQRECa+YGRK1qklgSVmfMJ
ckxrvk1iDWXozHDxXkA5cl2Mj/Y4baO71BuL8YcaNhwEhYFF/jWs4n43nIFacoL5
cj/pxGLbv+5sFQxV8cKr1hfGk1lkgmTMDXrBsjAsuNPynlty5+CDhhh4o0d2mJ84
FDLatuL+afl2cuznCEAvoZw6RuPrZKZ90jtNvEY8djFOnkln3mBraMhmvLbG9ghW
6H0W8Ddu1SNBThN1qulgvOSQ/XnHoeKgjs9qIElXYM2/NeWYfglRYQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:24 2023 by rpki-client on console-fra.rpki-client.org